Android users, beware! New Xenomorph banking trojan spreads malware via Google Play Store

The new Xenomorph Android banking trojan is now spreading through Google Play Store to access bank accounts and steal funds from its targets.

(Photo: by Rafael Henrique/SOPA Images/LightRocket via Getty Images)
BRAZIL – 2021/05/11: In this photo illustration the Android logo seen displayed on the screen of a smartphone.

Android’s New Xenomorph Banking Trojan

According to a report by beeping computer, The latest malware in town is unlike most existing threats, which use malicious websites or phishing to spread.

Instead, the Xenomorph Trojan uses an app listed on the Google Play Store to target its victims.

The outlet revealed that the new Android banking Trojan has already infected more than 50,000 users from various European countries, such as Belgium, Portugal, Italy and Spain.

It should be noted that the recently discovered malware is still in its early development stages.

Xenomorph targets numerous banking institutions in various locations in Europe to steal money from its victims.

According to a recent report from the cybersecurity firm, Threat Fabricthe city’s newest banking Trojan is actually similar to its older counterpart, known as “Alien”.

Meanwhile, Bleeping Computer suggests this could mean Xenomorph is the next generation Alien. But it is also possible that a single developer is behind these two similar Android Trojans.

Xenomorph Malware: How it Works

The new banking Trojan works like most previous versions of the malware, which attempts to access its targets’ bank accounts to steal their money.

Once the Trojan is installed on their target device, they use their Accessibility permission to create a fake login screen on top of the banking apps.

Zloader Banking Malware Uses Microsoft E-Signature Tool Vulnerability to Steal Sensitive Credentials

(Photo: by NICOLAS ASFOURI/AFP via Getty Images)
In this file photo taken on August 04, 2020, Prince, a member of the Red Hacker Alliance hacking group who declined to give his real name, uses his computer in their office in Dongguan, Guangdong province, southern China. – As the number of devices online increases and super-fast 5G connections roll out.

Additionally, the Xenomorph also replicates the login pages of cryptocurrency mobile wallets and messaging apps.

If ever the account the Trojan tries to access requires two-factor authentication, it could also access the victim’s text messages, making the operation successful.

Read also : Android Joker malware alert: Mobile security firm is asking users to remove these seven apps NOW – here’s why

Banking Trojan on Google Play Store

According to the latest report from recording media, Xenomorph malware hides under an app from the Google Play Store, pretending to be performance-enhancing software called “Fast Cleaner”.

The app is committed to scanning and cleaning Android devices to keep the slow machine running faster than ever. Bleeping Computer notes in the same report that banking Trojans use utility applications to lure their targets into an infection.

Android users, beware!  New Xenomorph banking trojan spreads malware via Google Play Store

(Photo: Rafael Henrique/SOPA Images/LightRocket via Getty Images)
BRAZIL – 2020/07/13: In this photo illustration an Android logo seen displayed on a smartphone.

The Fast Cleaner app has already garnered 50,000 installs on the Google Play Store. However, the official Android app store has already launched the Trojan spreading utility software.

Related article: Google’s Android 13 Profile Switch: Switch users on smartphone via lock screen soon [RUMORS]

This article belongs to Tech Times

Written by Teejay Boris

ⓒ 2021 All rights reserved. Do not reproduce without permission.

Comments are closed.